Klaus Darilion writes: > But we need to handle the validation of the domain in the certifiacte > somehow. why? since certificate doesn't carry any useful domain information, you have to do it yourself with a table that lists for each certificate the domains you want to see in from headers from that proxy. -- juha